Full List

Search

Recent Breaches

• Users participating to the ICO of the Bee Token Crypto Currency January 31, 2018 • [ social, phishing, finance ] Users who were aiming to buy Bee Tokens during a Token Generation Event (i.e., an initial coin offering) are tricked into sending the money to scammers instead. The attackers steal nearly $1M worth of cryptocurrency.
• GoGet January 31, 2018 • [ hack, automotive ] Car-sharing company GoGet discloses a major data breach seven months after it was first detected in June 2017 as the alleged hacker is arrested by Australian police this week. In an email sent to customers, the firm says its IT team identified "unauthorised activity" on its system on 27 June last year and immediately launched a full internal investigation.
• ABN Ambro January 30, 2018 • [ hack, ddos, finance ] ABN Ambro is targeted by a new DDoS attack. Now the fingers are pointed to Russia.
• ING January 30, 2018 • [ hack, ddos, finance ] And during the same wave of DDoS attacks, also ING is targeted (once again).
• Spartanburg Public Library January 30, 2018 • [ ransomware, malware, education ] The Spartanburg Public Library system is shut down after it is hit with a ransomware attack.
• PropTiger January 30, 2018 • [ leak, misconfiguration, technology ] In January 2018, the Indian property website PropTiger suffered a data breach which resulted in a 3.46GB database file being exposed and subsequently shared extensively on a popular hacking forum 2 years later. The exposed data contained both user records and login histories with over 2M unique customer email addresses. Exposed data also included additional personal attributes such as names, dates of birth, genders, IP addresses and passwords stored as MD5 hashes. PropTiger advised they believe the usability of the data is "limited" due to how certain data attributes were generated and stored. The data was provided to HIBP by dehashed.com.
• JoomlArt January 30, 2018 • [ leak, misconfiguration, technology ] In January 2018, the Joomla template website JoomlArt inadvertently exposed more than 22k unique customer records in a Jira ticket. The exposed data was from iJoomla and JomSocial, both services that JoomlArt acquired the previous year. The data included usernames, email addresses, purchases and passwords stored as MD5 hashes. When contacted, JoomlArt advised they were aware of the incident and had previously notified impacted parties.
• Dutch tax authority January 29, 2018 • [ hack, ddos, government ] The Dutch Tax Authority is also taken down by a DDoS attack.
• Rabobank January 29, 2018 • [ hack, ddos, finance ] Rabobank is the third of the big Dutch banks to be targeted by a DDoS attack.
• Chester County School District January 29, 2018 • [ ransomware, malware, education ] Chester County School District posts on its Facebook page that ransomware hit the district's servers over the weekend.
• DigID January 29, 2018 • [ hack, ddos, government ] The Dutch official online signature system DigID is also reportedly hit by the same wave of DDoS attacks.
• Experty January 28, 2018 A hacker tricks Experty ICO participants into sending Ethereum funds to the wrong wallet address. He is able to do this by sending emails with a fake pre-ICO sale announcement to Experty users who signed up for notifications. The bounty amounts to $150,000.
• Ontario Progressive Conservative Party January 28, 2018 • [ ransomware, malware, government ] The Ontario Progressive Conservative Party's internal database is locked up by a ransomware attack in early November. The incident is first being acknowledged now.
• ABN Ambro January 27, 2018 • [ hack, ddos, finance ] ABN Ambro is the victim of a sustained DDoS attack. The wave of cyberattacks comes just days after local media reported that Dutch intelligence agency AIVD spied on Russia-linked hacker group Cozy Bear, also known as APT29, as early as 2014.
• ING January 27, 2018 • [ finance ] During the same weekend, also ING is targeted.
• phpBB January 26, 2018 • [ hack, malware, technology ] An unknown attacker compromises download links for the phpBB forum software, according to a statement released today by the phpBB development team.
• Coincheck January 26, 2018 • [ hack, finance ] Japanese cryptocurrency exchange Coincheck confirms that some $524 million worth of digital coins (a cryptocurrency called NEM) has been stolen "likely making it the largest single hack on an exchange.
• SVR (COZYBEAR) January 25, 2018 • [ espionage, government ] A threat actor successfully compromised the networks of the Dukes (Cozy Bear), gaining visibility into the Dukes' targeting methods and operations. This compromise allegedly helped the U.S. intelligence community to attribute the 2016 compromise of the Democratic National Committee and other entities to Russian state-sponsored actors.
• Harris County January 24, 2018 • [ financial, phishing, government ] Harris County lose almost $900K in a phishing scam. The attack dates back to September 2017.
• Bell Canada January 23, 2018 • [ hack, technology ] Police are investigating a new data breach at Bell Canada (the second in eight months), which says hackers have illegally obtained customer information, primarily subscriber names and e-mail addresses of up to 100,000 users.